Netgate Discussion Forum

    Additional Pool in DHCP, MAC address, MultiWAN, and PIA OpenVPN.

      aah57

      Hi all,

      Despite the confusing subject line, my problem is pretty simple, except that I don't have the required pfSense knowledge to solve it on my own. I have three WANs: two are set up as loadbalance/failover, and the third WAN is a standalone WAN that I have set my PIA OpenVPN over. My problem is that I would like a certain IP range (or even simpler, certain clients) to talk through the OpenVPN via the third WAN gateway, and the rest to talk through the default loadbalance gateway.

      (WAN1 + WAN2) --> LB Gateway while WAN1 is the default gateway.
      LAN subnet 10.10.10.0, DHCP POOL: 10.10.10.100 - 10.10.10.179

      WAN3 --> PIA OVPN -----> For certain clients
      DHCP Additional Pool: 10.10.10.180 - 10.10.10.200

      I suppose one way is to assign MAC addresses to the additional pool. But, what would be the best way to approach this problem?

      Thanks

        ashima

        You can sort of achieve this by IP-MAC binding, but the best way to do this is to use either a managed switch or a VLAN.

        Ashima

          aah57

          Hi Ashima,

          Thanks for the reply. As far as my understanding goes, the IP-MAC binding only works when the client IP is outside of the DHCP pool. I tried this before. As for VLANs, I am absolutely clueless (have to start reading up on it). I want the clients to be able to talk to each other inside the LAN, but shuttle out through the above gateways when connecting to the internet.

          PS. this setup is for home use.

            JKnott

            You won't see MAC addresses over the VPN in tunnel mode.  You have to use TAP mode.  However, a DHCP server at the remote site could also handle it, with tunnel mode.

            PfSense running on Qotom mini PC
            i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
            UniFi AC-Lite access point

            I haven't lost my mind. It's around here...somewhere...

              ashima

              You can have two DHCP pools, but you cannot tell this client to select from pool A and that client to select from pool B. So give all the clients you want to be in pool B a fixed IP. But remember, if any other client which was supposed to get a DHCP address from pool A fixes his IP to pool B, then he'll be allowed.

              So to avoid this you should either use a managed switch or go for a VLAN.

              If you have all wireless devices, then setting up VLANs is quite simple. The only thing then required will be a device which can tag the clients. Most of the APs nowadays come with a VLAN tagging facility.

              If you have desktops, then you have to invest in a managed switch.

              I can help you set up VLANs, in case you decide to do so.
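
The post above notes that a client can set a fixed IP inside pool B by itself and still be routed like a pool B client. The following is an added example, not part of the original thread: a small audit that compares ARP entries against the intended static mappings for the 10.10.10.180 - 10.10.10.200 range. The `arp -an` line format is the FreeBSD one; the mappings, MAC addresses and the `em1` interface name are constructed assumptions.

```python
import ipaddress
import re

# Assumptions (not from the thread): static DHCP mappings for the VPN clients
# and ARP lines in FreeBSD `arp -an` format; every MAC below is constructed.
VPN_FIRST = ipaddress.ip_address("10.10.10.180")  # additional pool from the thread
VPN_LAST = ipaddress.ip_address("10.10.10.200")

STATIC_MAPPINGS = {  # IP -> MAC that is expected to hold it
    "10.10.10.180": "02:00:00:00:01:80",
    "10.10.10.181": "02:00:00:00:01:81",
}

SAMPLE_ARP = """\
? (10.10.10.105) at 02:00:00:00:aa:05 on em1 expires in 1100 seconds [ethernet]
? (10.10.10.180) at 02:00:00:00:01:80 on em1 expires in 900 seconds [ethernet]
? (10.10.10.181) at 02:00:00:00:bb:99 on em1 expires in 1188 seconds [ethernet]
? (10.10.10.190) at 02:00:00:00:cc:42 on em1 expires in 300 seconds [ethernet]
? (10.10.10.195) at (incomplete) on em1 expired [ethernet]
"""

ARP_RE = re.compile(r"\((\d+\.\d+\.\d+\.\d+)\) at ([0-9a-fA-F:]{17}) ")


def in_vpn_range(ip):
    """True when the address falls inside the pool routed over the VPN."""
    return VPN_FIRST <= ipaddress.ip_address(ip) <= VPN_LAST


def find_unauthorized(arp_text, mappings):
    """Return (ip, mac, reason) for VPN-range addresses held by an unexpected client."""
    findings = []
    for line in arp_text.splitlines():
        m = ARP_RE.search(line)
        if not m:  # skips "(incomplete)" entries and malformed lines
            continue
        ip, mac = m.group(1), m.group(2).lower()
        if not in_vpn_range(ip):
            continue
        expected = mappings.get(ip)
        if expected is None:
            findings.append((ip, mac, "no static mapping for this address"))
        elif expected.lower() != mac:
            findings.append((ip, mac, "MAC differs from static mapping " + expected))
    return findings


if __name__ == "__main__":
    for ip, mac, reason in find_unauthorized(SAMPLE_ARP, STATIC_MAPPINGS):
        print(f"{ip} {mac}: {reason}")
```

This only reports the self-assigned-IP case after the fact; it does not enforce the separation that the VLAN or managed-switch approach provides.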

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.